Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: bade5a4a by Salvatore Bonaccorso at 2022-01-26T09:58:05+01:00 Add CVE-2022-0338/loguru I'm marking this as unimportant as the action taken by upstream seems to be to clarify the documentation with respect to security considerations to be taken and documenting best practices. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -655,7 +655,10 @@ CVE-2022-23849 CVE-2022-0339 RESERVED CVE-2022-0338 (Improper Privilege Management in Conda loguru prior to 0.5.3. ...) - TODO: check + - loguru <unfixed> (unimportant) + NOTE: https://huntr.dev/bounties/359bea50-2bc6-426a-b2f9-175d401b1ed0/ + NOTE: Document best practices for security: https://github.com/delgan/loguru/commit/ea39375e62f9b8f18e2ca798a5c0fb8c972b7eaa + NOTE: loguru documents security considerations and best practices to follow CVE-2022-23848 RESERVED CVE-2022-23847 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bade5a4a2609205ebab035b7848eb5391eb57947 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bade5a4a2609205ebab035b7848eb5391eb57947 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits